When global disasters like the current pandemic strike, we see an increase in IT cybersecurity threats. End user security must become a priority if companies are to protect their employees, critical data, brands and corporate identities.
In times such as these, we can all practice some basic end user security procedures. Here are CBI’s top six recommendations for individuals and organizations to ensure end user security.
1. Security Awareness Training
In light of recent global events, end user security has become a global priority for most organizations and for remote and, more recently, at-home users. The endpoints (laptops/desktops) being used by remote and at-home users may not have the same layers of protection as they do when they are connected to or working within the corporate network.
Organizations are now challenged on several fronts.
2. Secure Mobile Devices
We all rely on our mobile devices to stay connected and conduct business. In times of global pandemic, our mobile devices take on a whole new level of importance and functionality. It’s hard to imagine how our society would handle a global pandemic without the convenience of these amazing devices.
This added reliance on our mobile devices must include the following security-focused initiatives:
3. Home and Public Wi-Fi
Recent times require all of us to work from less secure locations than we are used to. It is extremely important that you and your end users understand the risks associated with using your mobile device while connected to a remote Wi-Fi network.
Public networks (by design) are never secure, meaning cybercriminals have a variety of ways to steal information that passes through the network. It is far too easy for a cybercriminal to intercept the network traffic coming from and going to your mobile device. User credentials can easily be obtained using what is known as a “man-in-the-middle” attack.
Fortunately, users and organizations have an option to prevent this by installing a Virtual Private Network (VPN) application on their remote and mobile devices. A VPN allows the user to create a secure connection to another network over the Internet. VPNs can be used to access region-restricted websites, shield your browsing activity from prying eyes on public Wi-Fi, etc.
4. Provide Secure Internet Browsing
When a user is connected to the corporate network, they gain a number of security advantages. One of these primary advantages is protection when browsing the Internet. Remote users can lose that level of protection unless they have configured their endpoint properly. Organizations can provide access back into the secure corporate network by providing a secure VPN connection. Once connected, the remote users regain the benefits of being connected to the corporate network including a secure Internet browsing experience.
Organizations should also consider the deployment of a Cloud Access Security Broker (CASB) solution. A CASB can be installed on-premises or in the cloud. The CASB sits between users and cloud applications and services, monitors all activity and enforces security policies. It's most effective at monitoring what services are being used, whether they are secure and, most importantly, whether any users are storing or sharing corporate-owned data in the cloud.
5. Remote Malware Detection and Response
The organizational workforce continues to work remotely. Organizations need to provide at-home and remote users with a cost-effective option for securing their personal computers, so employees who must use their personal home system to access corporate resources can do so safely and productively.
Organizations must also provide the same level of visibility and protection for remote corporate-owned devices.
This level of protection must also include the ability to remotely respond if a remote user's endpoint becomes infected. This is important because any remotely connected endpoint that is infected can also infect the corporate network.
6. Two-Factor Authentication
Some may say it isn’t a matter of “if” you or your organization will fall victim to some type of security breach, but “when.” In that case, you need to already be thinking about how you can protect your users and the organization's sensitive data.
One of the most cost-effective ways to accomplish this is to implement a two-factor authentication (“2FA”) solution. Modern 2FA solutions can be rapidly deployed and have little impact on users.
Consider how you log into your own personal online bank account. Most, if not all, banks and credit unions are using 2FA already. 2FA is already a part of our lives. CBI recommends extending that same level of security to your organization. 2FA is most effective in stopping a cybercriminal from doing anything with your credentials.
Now more than ever, remote users should be authenticating to the corporate network using some form of 2FA. This should also be adopted by remote users as a best practice when authenticating to any and all personal web-based services.
The End User Security Bottom Line
Ideally, to develop an effective end user security program, you will want to deliver on some or all of the recommendations listed above, in some capacity, in a highly scalable and flexible way, with minimal impact on end users and administrators.